The World According to Mitch

The ramblings of an IT Trainer and Community Leader

News

Wow... nearly a year. Who woulda thunk it?

Blog Roll

A Gotcha to Installing EBS in an Existing Environment

I encountered a problem this week-end that baffled me for a while… Here is the infrastructure, the problem, and the solution.

image This network diagram is a rough sketch of the relevant portions of the network.  At present I have a server (HP DL585 G2) working as my virtualization parent, with my Windows Small Business Server 2008 (SBS) running in a child machine.  This SBS box is very new to the environment, and will likely soon be used to record migrating from SBS 2008 to EBS 2008… but for now it does its thing.

I was given a clean server (HP DL385 G5) and tasked with creating a virtual Windows Essential Business Server 2008 (EBS) infrastructure for demonstration purposes at an upcoming event.  I installed the server with Windows Server 2008 (x64) Enterprise Edition with all of the necessary patches, installed the Hyper-V role, making sure that I patched Hyper-V as well (KB950050).

This was probably the twentieth time I have gone about installing EBS since I joined that beta program, and although there are a lot of ‘gotchas’ I am fairly adept at avoiding most of them.  Both the Management Server and Messaging Server have multiple virtual hard drives (each running on its own drive); I had pre-created two virtual networks (SWMI_Int and SWMI_Ext).  The EBS Security Server had two virtual NICs… one connected to each network, while the Management and Messaging Servers were connected to the Internal network.

I was fairly certain that I had followed the ‘measure twice, cut once’ rule to the best of my ability, and the installation was going very smoothly.  I ran the EBS Preparation and Planning Wizards, and the installation of the Management Server and Security Server went smoothly… but in my experience they always do, and it is the Messaging Server that causes the most issues.  Sure enough…

The first problem I encountered was an Intermittent Network Issue.. during the Domain Configuration pass.  This was not the first time I had seen this happen, and the Retry button allowed me to continue without doing any maintenance. 

The Exchange Server Installation pass failed, and also offered a Retry option… but to no avail.  The message told me to look in the C:\ExchangeSetupLogs directory for guidance.  The relevant portion of the log file (always the last few lines :)) are listed below:

[10/25/2008 10:24:07 PM] [2] Running <C:\Windows\system32\ldifde,exe> with arguments <-i –s “vSWMI-Msg.swmi.local” –f “C:\Program Files\Windows Essential Business Server\Bin\EXCHSVR80\Setup\ServerRoles\Common\Setup\Data\PostWindows2003_Schema0.ldf” –j “C:\Users\Administrator.swmi\AppData\Local\Temp” –c “<SchemaContainerDN>” “CN=Schema,CN=Configuration,DC=swmi,DC=local”>.

[10/25/2008 10:24:39 PM] [2] Process C:\Windows\system32\ldifde.exe has finished with exit code 8206.

[10/25/2008 10:24:39 PM] [2] [ERROR] Unexpected Error

[10/25/2008 10:24:39 PM] [2] An error occurred when executing ‘ldifde.exe’ to import schema file ‘C:\Program Files\Windows Essential Business Server\Bin\EXCHSVR80\Setup\ServerRoles\Common\Setup\Data\PostWindows2003_schema0.ldf’. Error code: 8206. More details can be found in the error file ‘C:\Users\Administrator.SWMI\AppData\Local\Temp.ldif.err’.

I followed the clues to the ldif.err file, which was much more succinct:

Entry DN: CN=ms-Exch-Access-Control-Map,CN=Schema,CN=Configuration,DC=swmi,DC=local

Add error on entry starting on line 1: Busy

The server side error is: 0x21a2 The FSMO role ownership could not be verified because its directory partition has not replicated successfully with at least one replication partner.

The extended server error is:

000021A2: SvcErr: DSID-030A0AF2, problem 5001 (BUSY), data 0

An error has occurred in the program

If the FSMO (Flexible Single Master Operation) role ownership could not be verified there was a problem with a domain controller… but the DC was installed from scratch in a pristine environment less than ten hours earlier, and had not been altered.  I pressed Retry knowing it wouldn’t work, and went up to bed.

In the morning I was greeted by the same error in the same spot… why weren’t my FSMO roles verifiable?  More importantly, what was different from the last time I installed EBS in September?  I was working off the same source files on the same platform… the only additions to my infrastructure were the SBS 2008 server, and my Windows Home Server (WHS).

WHS is not an Active Directory server, so it wouldn’t have anything to do with FSMO roles.  The Small Business Server, on the other hand, is… and what the two (SBS and EBS) have in common is that they both MUST hold all five FSMO roles on their primary server… and failing to do so not only is a licensing breach, it will also cause any number of unexpected errors.

Could it be that simple?  I disconnected (temporarily) the EBS Security Server’s external NIC… the one that was on the same subnet as my SBS box.  Lo and behold, when I pressed Retry the installation continued without any issues.

Posted: Oct 26 2008, 09:51 PM by Mitch | with 4 comment(s) |
Filed under: , , , , , , , , , , , , , , , ,

Comments

Rami Negev said:

Confused.  Where in the error log does it describe the real error unless you picked that up from a white paper from Support. As well what are the 5 FSMO roles that have to be met; and what was the external address that you configured your security server to to continue the install, though I suspect the two servers would not need to communicate with one another there after as the EBS was purpose built for a demo.

Please forgive me if this may sound like juvenile questions but I'm genuinly trying to learn.

<MDG Reply> The log files are in c:\ExchangeSetupLogs.  From the Setup press <Shift-F10> to break out of it and open a command prompt. -M

# October 28, 2008 1:15 PM

Pete said:

Little confusion... that last line, should that be REconfigured, as in, took it off the same subnet?

And is the implication here that they are all on the same domain? In which case the problem would have been caught during the planning. "I have a DC, I'm installing another DC, yet I choose the 'First DC on the domain option' (or doing the equivalent of)."

Of course, maybe I read it wrong.

<MDG Reply> I have edited the solution (last) paragraph.  I did not actually configure the NIC, I disconnected them.

The EBS infrastructure is not in the same domain as the SBS box, but all three EBS boxes are on the same domain.  Like SBS, EBS has a number of licensing restrictions, the first of which being that the Management Server must hold all five FSMO (Flexible Single Master Operations) roles... so because the SBS had them and the EBS had them there were crashes.  -M

# October 29, 2008 11:43 AM

Pete said:

So both SBS and EBS can be the only DC's on a network, unless you install a regular edition server as an additional DC? And even if they are not part of the same forest, there will be conflicts?

Or are there certain scenarios where you can have two SBS/EBS forests/domains coexisting on the same network? For example, could you have multiple SBS boxes as Virtualisation Children on one Virtualisation Parent, if there was no direct communication between the Children?

<MDG Reply> Either SBS or EBS have to be the first domain controller on the network, though (despite the myths) you can add more domain controllers running Windows Server.  Because either is supposed to hold all of the FSMO roles there will be conflicts if you have them both on the same network... during installation certainly but also potentially during the life cycle.  They are simply both meant to be the ONLY environment, so they do not play well with others.

If you are virtualizing instances of either for a lab environment, the way to ensure they do not crash into each other is to create multiple (and segregated) virtual networks so that they truly are segregated.

# October 30, 2008 7:05 AM

Matt said:

So, if I have an SBS03 server holding the FSMO roles, but a secondary DC running 03 standard - will there be any dramas having the EBS MAN server take the FSMO roles whilst keeping the 03 standard intact?

<MDG Reply> Upgrading from SBS 2K3 to is a simple and supported scenario, and easier for your question in that the SBS box held the FSMO roles... so the Server 2K3 Standard box can continue to exist as it has.  -M

# November 23, 2008 7:04 PM
Leave a Comment

(required) 

(required) 

(optional)

(required)